class UsersController < ApplicationController

  # render new.rhtml
  def new
  end

  # POST /login
  def create
    cookies.delete :auth_token
    # protects against session fixation attacks, wreaks havoc with 
    # request forgery protection.
    # uncomment at your own risk
    # reset_session
    @user = User.new(params[:user])
    @user.save
    if @user.errors.empty?
      self.current_user = @user
      redirect_to(projects_url)
	  flash[:notice] = "Thanks for signing up!"
    else
      render :action => 'new'
    end
  end

  # GET /users
  # TODO add auhtentication check
  def index
    @users = User.find(:all)
    respond_to do |format|
      format.html # index.html.erb
    end
  end
  
  # GET /users/1
  # TODO add auhtentication check
  def show
    @user = User.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
	end
  end
end
